DDoS Attacks: Bigger and stronger than ever?

Distributed Denial of Service (DDoS) attacks are becoming an ever-increasing threat to many organisations. For those that have recognised the threat and begun to build defences it is a costly process – for those that have ignored the threat, it may be even more costly.

What is a DDoS Attack?

Distributed Denial of Service attacks, or DDoS, utilise computing resources to “flood” organisations with legitimate requests – resulting in a crash of services or inability to access resources. As the name suggests, DDoS attacks can leave organisations crippled and customers unable to access resources such as their accounts.

DDoS attacks can cost companies millions of pounds, depending on how long servers are offline, and, thanks to highly publicised attacks, organisations are starting to take note of how catastrophic these events can be.

The motivations for this kind of attack vary widely – ranging from activists (or “hacktivists”) wanting to demonstrate their upset at the system through to organised criminal groups or nation states carrying out highly targeted attacks. Whatever the motivation, the outcomes will be the same if organisations fail to implement sufficient controls to prevent attacks such as these occurring.

How does a DDoS attack occur?

As briefly mentioned, DDoS attacks make use of mass computing resources across the Internet to flood a single organisation with so many requests that the server cannot handle the data and is forced to crash or be taken offline. This is usually achieved via “botnets” – large collections of infected computers used by criminals as an army against any target.

Recent weeks have seen a flurry of DDoS-based attacks and, as incidents become more publicised, organisations are starting to witness first-hand the effect that attacks like this can have on their profit margins.

CloudFlare, a well-established Internet security firm, publicised on February 10th 2014 that it had prevented one of the largest-scale DDoS attacks ever seen against one of its clients. The firm claimed that, at the height of the attack, 400 gigabytes per second of data were thrown at the target – roughly 30 percent larger than any other DDoS attack documented so far. The largest DDoS attack documented before this was against Spamhaus in 2013, and was an attempt to knock down this anti-spam site.

Following this announcement, another DDoS attack was reported the next day. This time the virtual currency Bitcoin was briefly affected, leaving it unable to process payments for a short period of time. Bitcoin, a giant in the current market, was momentarily crippled by the attack, from which it is said to have recovered.

Additionally, Internet registrar Namecheap was also taken down by a further DDoS attack on February 20th 2014. A massive DDoS attack was said to be targeted at 300 of the websites Namecheap registers and temporarily brought these to a halt. Similarly, bit.ly, a site that creates shortened address spaces, was also knocked down in February; however, the details regarding this attack remain unclear.

Meetup.com, a highly ranked social networking site, was also said to be fighting a large-scale DDoS attack on Monday. In this case, bizarrely, hackers were requesting a sum of money to stop the attack – a similar approach to that of ransomware, a particular type of malware that holds users to ransom to release contents or functionality of their systems. In this case, the CEO was not prepared to pay and the battle continues.

At a government level, DDoS attacks were blamed on Russian hackers in a feud with Estonia in 2007, and it is unclear whether, more recently, they played a role in the current situation between Moscow and Ukraine, in which communications were knocked out for at least 3 days.

A report issued this month by security firm Prolexic suggested that attacks were up 32 percent in 2013 and, in a similar report issued by Ponemon Institute, it is said that 18 percent of outages in US data centres are now caused by DDoS attacks. Reports suggest that the cost of a single outage sits at around $630,000 for medium-large sized firms.

It is evident that this type of attack is rapidly increasing in popularity, ease of execution and cost to businesses. Additionally, the sophistication of tools and attackers is also increasing at a dramatic pace, striking fear in the heart of any successful business. Organisations need to move quickly to keep up with the ever-increasing sophistication of attacks, attackers and tools. Businesses need to ensure that their resiliency controls can match up with the sophistication of attacks, not an easy feat by any means.